Hooking Coding Agents with the Cedar Policy Language
Matt Maisel
[un]prompted 2026 — AI Security Practitioner Conference · Day 1 · 2
Coding agents plan, generate, execute, and loop — and every step of that loop is a potential policy enforcement point. Matt Maisel of Sendera demonstrates how to intercept the full trajectory of a coding agent using tool hooks and adjudicate every action with the Cedar policy language, creating a deterministic, formally verifiable security boundary that operates outside the model itself and cannot be bypassed through prompt injection. ---
AI review
Cedar as a trajectory-aware policy language for coding agents is a genuinely novel application of a well-engineered tool. The lethal trifecta framework is clean, the four demos are concrete, and the information flow control with trajectory tainting is the most technically interesting piece. A lightning talk format that actually delivers.